5. Selling your data to marketers

Which ISPs did it before? We don’t know—but they’re doing it as you read this!

It’s no secret that many ISPs think they’re sitting on a gold mine of user data that they want to sell to marketers. What some people don’t realize is that some are already doing it. (Unfortunately they’re getting away with this for now because the FCC’s rules haven’t gone into effect yet.)

According to Ad Age, SAP sells a service called Consumer Insights 365, which “ingests regularly updated data representing as many as 300 cellphone events per day for each of the 20 million to 25 million mobile subscribers.” What type of data does Consumer Insights 365 “ingest?” Again, according to Ad Age, “The service also combines data from telcos with other information, telling businesses whether shoppers are checking out competitor prices… It can tell them the age ranges and genders of people who visited a store location between 10 a.m. and noon, and link location and demographic data with shoppers' web browsing history.” And who is selling SAP their customers’ data? Ad Age says “SAP won't disclose the carriers providing this data.”

In other words, mobile broadband providers are too afraid to tell you, their customers, that they’re selling data about your location, demographics, and browsing history. Maybe that’s because it’s an incredibly creepy thing to do, and these ISPs don’t want to get caught red-handed.

And speaking of getting caught red-handed, that brings us to…

4. Hijacking your searches

Which ISPs did it before? Charter, Cogent, DirecPC, Frontier, Wide Open West (to name a few)

When you entered a search term in your browser’s search box or URL bar, your ISP directed that query to Paxfire instead of to an actual search engine. Paxfire then checked what you were searching for to see if it matched a list of companies that had paid them for more traffic. If your query matched one of these brands (e.g. you had typed in “apple”, “dell”, or “wsj”, to name a few) then Paxfire would send you directly to that company’s website instead of sending you to a search engine and showing you all the search results (which is what you’d normally expect). The company would then presumably give Paxfire some money, and Paxfire would presumably give your ISP some money.

It’s hard to believe we’re still on the subtle end of the creepy spectrum. But things are about to get a whole lot more in-your-face creepy, with…

3. Snooping through your traffic and inserting ads

Which ISPs did it before? AT&T, Charter, CMA

This is the biggest one people are worried about, and with good reason—ISPs have every incentive to snoop through your traffic, record what you’re browsing, and then inject ads into your traffic based on your browsing history.

We don’t think this one requires much explaining for folks to understand just how privacy invasive this is. But if you need a reminder, we’re talking about the company that carries all your Internet traffic examining each packet in detail1 to build up a profile on you, which they can then use to inject even more ads into your browsing experience. (Or, even worse—they could hire a third-party company like NebuAd or Phorm to do all this for them.) That’s your ISP straight up spying on you to sell ads—and turning the creepiness factor up to eleven.2 And speaking of spying, we’d be remiss if we didn’t mention…

2. Pre-installing software on your phone and recording every URL you visit

This is even creepier than number three on our list (watching your traffic and injecting ads), because at least with number three, your ISP can only see your unencrypted traffic. With Carrier IQ, your ISP could also see what encrypted (HTTPS) URLs you visit and record what apps you use.

Simply put, preinstalled software like Carrier IQ gives your ISP a window into everything you do on your phone. While mobile ISPs may have backed down on using Carrier IQ in the past (and the situation led to a class action lawsuit), you can bet that if the FCC’s privacy rules are rolled back there’ll be ISPs be eager to start something similar.

But none of these creepy practices holds a candle to the ultimate, creepiest thing ISPs want to do with your traffic, which is…

But it gets worse. Initially, there was no way for customers to turn this “feature” off. It didn’t matter if you were browsing in Incognito or Private Browsing mode, using a tracker-blocker, or had enabled Do-Not-Track: Verizon ignored all this and inserted a unique identifier into all your unencrypted outbound traffic anyway. According to the FCC, it wasn’t until “two years after Verizon Wireless first began inserting UIDH, that the company updated its privacy policy to disclose its use of UIDH and began to offer consumers the opportunity to opt-out of the insertion of unique identifier headers into their Internet traffic.”

As you can see, there’s a lot at stake in this fight. The FCC privacy rules congress is trying to kill would limit all of these creepy practices (and even ban some of them outright). So don’t forget to call your senators and representative right now—because if we don’t stop Congress from killing the FCC’s ISP privacy rules now, we may end up with a lot more than five creepy ISP practices in the future.

1. To be absolutely precise, your ISP could track and record all your HTTP traffic, and the domain name you visit for HTTPS websites.

2. We’ve heard some arguments that is just what Google or Facebook do, but there’s a big difference. You can choose not to use Google or Facebook, and it’s easy to install free tools that block their tracking on other parts of the web. EFF even makes such a tool, called Privacy Badger! But changing ISPs or paying for a VPN is hard (and some people don’t have more than one choice of ISP). For more, see our post on busting three ISP privacy rollback myths.

Related Updates

The future of competition in high-speed broadband access looks bleak. A vast majority of homes only have their cable monopoly as their choice for speeds in excess of 100 mbps and small ISPs and local governments are carrying the heavy load of deploying fiber networks that surpass gigabit cable networks...

American cities across the country face the same problem: major private Internet providers, facing little in the way of competition, refusing to invest and upgrade their networks to all residents. But not every city has gone through the trouble to analyze the problem, come up with a solution, and still...

Californians have successfully pushed the state's legislature to restore two-thirds of the 2015 Open Internet Order through state laws. Stopping legislation from Assemblymember Lorena Gonzalez that's backed by AT&T and Comcast is the final piece to bringing back those critical protections to promote broadband choice. The California Assembly will soon...

In a vote of 232-190, the House of Representatives passed the Save the Internet Act (H.R. 1644). This is a major step forward in the fight for net neutrality protections, and it’s because you spoke up about what you want. The Save the Internet Act was written to restore the...

Congress took a big step today toward protecting net neutrality, competition, and privacy for Internet users. The House Energy and Commerce Committee just voted 30-22 to approve an amended version of the Save the Internet Act of 2019 (H.R.1644). Please join us in urging your members of Congress...

The Save the Internet Act (H.R. 1644) has survived its first vote, 18-11. This is a victory for everyone who wants strong, real net neutrality protections. It is, as is so often the case in the net neutrality battle, a win for the majority of Americans who support these...

When the FCC announced its intention to repeal the 2015 Open Internet Order, Americans spoke up. When the FCC ignored the fact that most Americans support net neutrality, Americans spoke up again, asking Congress to reverse the FCC’s decision. And the Senate listened. This fight continues in...

Oakland residents, we need your stories and experience to continue the fight to stop powerful Internet Service Providers (ISPs) from limiting your ability to choose the service that’s best for you. Submit Your Story If you live in Oakland and have had trouble acquiring service from the ISP...

The majority of Americans support net neutrality protections. Based on the comments in the most recent Congressional hearing on net neutrality, you could come away with the idea that most of Congress and most of the giant Internet Service Providers do, too. But if you read between the lines...